# Hardware Assisted Brute Force Attacks: Still For Dummies

Evidently hardware assisted brute force password cracking has arrived:

This is a companion discussion topic for the original blog entry at: http://www.codinghorror.com/blog/2007/10/hardware-assisted-brute-force-attacks-still-for-dummies.html

Of note-- in 1998, the EFF built Deep Crack: specialized hardware designed for the express purpose of key cracking.

http://en.wikipedia.org/wiki/Deep_Crack

Deep Crack could test 90 billion (90,000,000,000) keys per second.

At that rate, it would crack our 8 character alpha password in 10 minutes … but a 12 character alpha password would take 138 years.

“53,459,728,531,456 / 200,000,000 – ppm – / 60 / 60 / 24 = 3.1 days”

Oh, that’s why these numbers are not adding up correctly. I look at “ppm” and I think “passwords per minute.” But you really mean passwords per second (pps).

Hobbyists have been doing this already: http://nsa.unaligned.org/

Sorry for the soapboxing, but hopefully the patent will get denied. Is it really that large a step from “oh I have a general-purpose processor” to “let’s use it to break keys”?

While brute force is impractical in most cases, it seems possible for highly distributed system to be practical for most common password lengths. For example suppose we use the following formula:

26^12 / ((storm worm infected machines) * 10,000,000) ppm / 60 / 60 / 24 = X years.

I use 10,000,000 as a baseline for most modern machines. One could assume that you could use the higher 200,000,000 number if most machines had a fairly decent video card installed.

The range of storm worm infected machine falls between 1,000,000 and 10,000,000, so lets just assume 5,000,000.
26^12 / (5,000,000 * 10,000,000) ppm / 60 / 60 / 24 = 0.02 days (about 30 minutes).

26^14 / (5,000,000 * 10,000,000) ppm / 60 / 60 / 24 = 15 days

Assuming worst case (10 million infected machines with nice GPUs) we have the following:
26^14 / (10,000,000 * 200,000,000) ppm / 60 / 60 / 24 = 0.37 days (about 9 hours)

Obviously I can still defeat this theoretical distributed cracker by making an even longer password with more possible symbols, but I think it is good to know what password length can be theoretically cracked by modern hardware.

so I guess I’ll be good with my 15 char password for a while

…that contains upper/lower/numbers/signs =o)

I see so many articles about password security lately. I think one of the much more important issue is password IMPORTANCE. I use some crappy six letter, no number default password for the vast majority of things - for example, if I had to sign up to post comments on this blog, I would use that. For the longest time, I felt guilty for that, but nowaday I realize, it’s actually good.

For emails, I use a different, ten letter, 2 numbers password, that I would have to look up if I reinstalled my email client (it’s a sequence found physically inside my house, but not written down - something such as the first letter on the first ten pages of a favorite book, although it’s not that anymore).

For actual, important, critical issues (such as PayPal, eBay, basically what could cause me actual damage), I use one completely random password with 12 letters, numbers and special characters for every service, which are written down on a piece of paper stored inside the safe of my dad. I also do not store these in my browser or similar.

The point I’m trying to make is that I have passwords aligned at tiers of actual importance. My blog identity might seem important, but when you think about it, it really isn’t, at least if compared to my bank account or eBay account. They are tiered by importance and convenience. My “system” pays heed to both the fact that you can’t remember two dozen passwords that are reasonably complex every day, and at the same time you wouldn’t want to put in a default password, no matter how complex, in every other site.

Oh, and as for the article, the increase is only by a faction of 20. That is really not relevant when it comes to password security. We all know Moore’s Law, and we all know that if a password can be cracked in a time that is slow enough to become an issue when divided by 20, it’s lifetime is something like 2-3 years or less anyways. Might as well choose “Joshua”.

While all lower case pass phrases increase the keyspace exponentially, they do nothing to prevent sophisticated dictionary based brute force attacks. I think the fault in your preference for pass phrases is assuming that all brute force attacks treat every permutation of the available characters as an equally probable match.

Plus, who wants to type a book for their password every time they need to log in, especially multiple times when they inevitably screw it up. The average typing speed is painfully slow too

Pretty soon, though, we’ll end up grabbing passwords that have obscure symbols in them. Symbols who’s alt codes we have to type on the numpad while alt is held down because the keyboard doesn’t have it by default…

#8776;.#9792;#9786;#964;!#9566;#9619;

When you say that Hardware assisted brute force attacks never will be a credible threat, do you mean to you and your company (and anyone else using longer passwords) or to the world at large? Because you wouldn’t disagree that they can be a credible threat to anyone with an 8 char password, right?

In short, are you assuming that there aren’t a lot of 8 char passwords out there?

/Mats

I think what he’s saying is that they won’t be a valid security thread, just like super safe cracking experts are not a valid security issue for companies who have their safe combination on a yellow post-it next to the safe.

Just wondering - of the people here that use pass phrases, do you use all common words, or mix in proper names and unusual words?

Here’s an example - which of these would be easier to hack, assuming the hacker knew it was a pass phrase?
“I do not like green eggs and ham.”
“Ben Kenobi went skiing in Mordor.”

But you really mean passwords per second (pps).

You’re absolutely right. I corrected this mistake.

I see so many articles about password security lately. I think one of the much more important issue is password IMPORTANCE

Well, yes, passwords themselves are part of the problem.

In short, are you assuming that there aren’t a lot of 8 char passwords out there?

I’m saying there’s a lot of “password1” out there. If you’re brute forcing that, you’re the stupidest attacker ever. Consider how difficult it is to conduct a legitimate brute force attack, anyway-- one involving millions of attempts per second. It has to be in some kind of offline mode, perhaps against the password file or database.

The only real solution, as I see it, is to educate users on the benefits of passphrases.

Watch out with passphrases, they do need to be longer than you think.

As you point out in your previous article, English words are not sequences of random characters, so although a passphrase might be 10 characters long, a cracker will not need to try all possible 10-letter combinations, and not all combinations of words. Even if you include numbers and add some capitals, especially if you do them in grammatically correct way, the amount of information in a 12-letter passphrase is much less than in 8 random letters. Even throwing in the odd leet substitution won’t help that much if the passphrase is mostly English and the cracker is trying passphrases in a semi-intelligent order.

e.g. Using some kind of combinatorial reverse-markov-chain generator that creates sentences in probabilistic order, and doese leet/capitals/number substitutions as it goes.

http://en.wikipedia.org/wiki/Information_entropy#Entropy_as_information_content

You only get about 1.3 bits of entropy per character in English. So a 10 letter password in English is ~13 bits, or ~8192 combinations. 20 letters gets you ~26 bits which is ~128,000,000 combinations. Or just over half a second of computation. Oops.

OK, I’ve oversimplified. There’s more entropy in short sequences than long ones, so it’s not quite as bad as all that. But it’s still not good.

Of course, my bank requires PINs to be 4 digits in length…

when I told them that was completely useless, they told me it was for “convenience”

Theirs or mine?

If someone had access to your Vista machine* so that they could add extra hardware to do the cracking, surely then they could just stuck in a Damn Small Linux Live CD and just mount the hard drive and read it like that?